When we looked at the results from our latest state-by-state comparison of the riskiest online security habits, a few things surprised us. Like techies scoring lower than average Americans. But what jumped out the most was how over-confident Americans in general are about their online security behavior. With that in mind, here are five ways to fix some of the riskiest behaviors we found in our latest survey.
Password fails
- The problem – Password practices can be risky on a number of levels. Whether it’s sharing them with friends, between applications and social media, or between personal and work accounts, password sharing makes it easier for hackers to steal your credentials for malicious purposes.
- The riskiest – Three out of four New Yorkers share passwords between business and work accounts. Between age groups, Gen Zers are more likely to share passwords than Gen Xers, millennials and Boomers.
- The fix – Use a unique password for all the applications and services you use most regularly, and never use the same passwords for work and personal use. If you’re tracking passwords on paper, keep them locked in a safe. Or, better yet, use a password manager app so you never run the risk of sharing passwords across devices, apps and internet sites.
Identity theft
- The problem – Poor cyber-security often leads to identity theft. Failing to wipe a device before discarding it is one problem. So is sharing personal information on social media and video streaming sites. The more hackers know about you, the easier it is for them to impersonate you online.
- The riskiest – Nearly 41% of Californians have had their identity stolen. And twice as many people who use mobile banking apps have been victims compared with those who don’t. Across industries, those in technology, banking and automotive are most likely to become victims of identity theft.
The fix – Cover your tracks wherever you go. Erase the contents on a device before discarding it. Beware of the personal information you reveal on social media. And consider using a bank’s website rather than its app for personal banking.
Something phishy
- The problem – We knew phishing was a problem. In fact, it may be even bigger than our results indicated. About a third of respondents reported falling victim to a phishing scam. But that’s about the same number who said they actually knew how to spot one. You can’t protect yourself from threats you don’t see coming.
- The riskiest – Nearly 50% of Texans believe they’ve been targeted in a phishing scam while two-thirds of Alabamans said they’ve provided personal information to phishing scammers. Those who use auto-bill payment are twice as likely to report falling victim to phishing scams.
- The fix – Knowledge is power. Learn the tricks of the phishing trade, like bogus URLs and emails that ask you to confirm personal and banking information. Remember, bank logos can be easily faked. And banks won’t typically reach out to you for information they already have on file. If someone claiming to be from a bank contacts you by phone, call them back on an authentic customer service number from one of your banking statements.
Backup basics
- The problem – A lot of respondents said they’re backing up. And that’s a good thing. But they’re not always backing up the way they should. Since data disasters take many forms, you need to back up both locally and in the cloud to ensure you’re protected from a range of scenarios. And backups should be stored in an encrypted format or data may be vulnerable to a data breach.
- The riskiest – Nearly 80% of Americans back up. But 60% back up only to the cloud or to a local hard drive, not both. And 22% back up manually, which can lead to the most common form of data loss of all: human error.
- The fix – Use an automated backup solution that backs up to a local target and to the cloud. This ensures you can get data back fast if you experience a local hardware failure. And it enables cloud recovery for more widespread, regional outages.
Data encryption
- The problem – The cloud is not always as secure as people assume. The best way to protect data in the cloud is to store it using advanced encryption, with at least 128-bit AES encryption for data at rest. But a lot of people don’t know the level of security for their cloud data, if there’s any at all.
- The riskiest – Half of respondents either have no encryption for their cloud data or they don’t know whether or not it’s encrypted. This is especially true with free cloud storage services, many of which use no encryption. Remember, online cloud storage is not the same as cloud backup.
- The fix – Make sure the data you store in the cloud uses at least 128-bit encryption for data at rest, or 256-bit for especially sensitive data.
Jurczajk, Steve. “5 Cyber Fixes or Risky Online Behaviors” Carbonite August 2020
No one wants to become a victim of a social engineering attack, so it’s important to recognize an attack in progress and not be tricked into responding to it inappropriately.
Trained and aware employees are critical to securing an organization, and an effective, ongoing internal security awareness program can help reduce your company’s vulnerability, turning the “weakest link” in your cyber defenses into its greatest strength.
One of our most important roles as a technology service provider is to protect the assets of our clients. No matter how big or small your business is, a single compromised credential could put your entire business at risk. Give us a call to further discuss how we can help in protecting your business against cybersecurity threats and how we can make technology work for your business.
Call us now at 732.780.8615 or email us at [email protected]